CVE-2026-10898

CVE-2026-10898 : Stack buffer overflow in the GPU component of Google Chrome before 149.0.7827.53 allows a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The issue affects Chrome versions prior to the fixed 149.0.7827.53; Chrome...

CVE-2026-10897

Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10897

Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10891

CVE-2026-10891 details : A use-after-free in GFX within Google Chrome on Linux allows a remote attacker to potentially cause heap corruption via a crafted HTML page. The vulnerability is tied to Chrome/Chromium code paths, with a high-severity impact (CVSS v3.1: 8.8, Critical). Affected product: ...

PT-2026-46548

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker who has compromised the renderer process to perform domain spoofing by using a crafted HTML...

PT-2026-46694

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebView allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46429

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description A use after free issue in Passwords allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This occurs when a user is convinced to perform...

PT-2026-46822

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebView allows a remote attacker to perform privilege escalation through the use of a crafted HTML page. Recommendations Update to version...

PT-2026-46641

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description A use after free issue exists in Device Trust. A remote attacker who has compromised the renderer process can potentially perform a sandbox escape by using a crafted HTML page. U...

PT-2026-46805

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in CustomTabs allows a local attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version...

PT-2026-46473

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data, which is information from a different domain than the one currently...

PT-2026-46699

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Incorrect security UI in the Contact Picker allows a remote attacker to perform UI spoofing via a crafted HTML page. UI spoofing is a technique where an attacker mimics a...

PT-2026-46444

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue in Core allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use after...

PT-2026-46781

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

PT-2026-46767

Insufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

PT-2026-46497

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Dawn allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendatio...

PT-2026-46460

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in FileSystem allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw that occur...

PT-2026-46636

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in ANGLE Almost Native Graphics Layer Engine, an open-source graphics abstraction layer allows a remote attacker to leak cross-origin data by using a crafted HTML...

PT-2026-46553

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A stack buffer overflow exists in Skia, a graphics library used by the browser. This issue allows a remote attacker to potentially cause stack corruption by inducing the user to open a...

PT-2026-46538

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the USB component on Windows allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corrupti...